Security Threat Detection Engineer

Remote - US

LiveRamp logo
LiveRamp
Apply now Apply later

Posted 4 weeks ago

LiveRamp is the leading data connectivity platform for the safe and effective use of data. Our platform powers people-based customer experiences that improve the relevance of marketing and allow consumers to connect with the brands and products they love. We thrive on solving fascinating technical problems and enabling our customers’ success—and we’re always looking for smart, kind, compassionate people to help us blaze a trail.

 

Mission: LiveRamp makes it safe and easy for businesses to use data effectively.

 

LiveRamp is seeking an experienced leader to drive all aspects of our security automation, engineering, and threat detection.  This role will report to the Director of Information Security Operations, and work with cross-functional teams and external parties to develop and operationalize automation use cases. This role will increase operations maturity by converging automation, incident response, and threat intelligence.  In addition to automation, this role

 

You will:

  • Assess the event visibility and log coverage of the SIEM, and work with DevOps, Software Engineers, and platform owners to configure log forwarding to increase event visibility
  • Plan, implement, manage upgrades to security solutions and platforms
  • Configure and optimize tools in the security stack, e.g., CASB, DLP, EDR
  • Using the MITRE ATT&CK framework, develop, test, and implement new or customs threat detections for resources in cloud environments
  • Research new threats, attach techniques and methods
  • Design and lead threat hunt exercises with SIEM, log aggregation, and EDR technologies
  • Support, provide insight into automation and orchestration workstreams
  • Become familiar with and adapt skill set for automation in the SOAR platform
  • Perform activities that mimic threat actor behavior to test visibility, security controls and detections, and make recommendations for improvements
  • Be the point of contact for red team or pen test engagements performed
  • Validate and make recommendations for remediation from bug bounty program findings
  • Work collaboratively with DevOps, engineering, product, and cloud infrastructure teams to lead process improvements and improve overall security effectiveness
  • Participate in change control processes that may have impact to LiveRamp’s security posture



Your team will: 

  • Improve security alert triage and speed by implementing orchestration and automation
  • Conduct threat hunting exercises looking for specific malicious activity
  • Improve SIEM logging, monitoring, and threat detection capabilities for production and corporate IT assets 

 

About you: 

  • Bachelor or Masters degree in Cyber Security, Security Engineering, Computer Engineering, Computer Science, Management Information Systems, or similar technical discipline 
  • Diverse knowledge of web proxies, firewalls, IDS/IPS, IT infrastructure and processes
  • Ability to write scripts and create tools using Python, C++, Java, Ruby, and/or PowerShell
  • Prior security analyst experience with knowledge in Windows, MacOS, and Linux operating systems
  • Knowledge of cloud computing and cloud technologies
  • Experience conducting investigations in EDR, SIEM, and DLP technologies
  • One or more certifications, including but not limited to CCSP, CCSK, GCIH, GDAT, GCIA, GREM, GCFA, GSEC, CISSP, AWS Cloud Practitioner or GCP Cloud Engineer
  • Knowledge malware analysis, forensic analysis and incident response investigations



Bonus Points:

  • Network security monitoring and analysis
  • Malware reverse engineering
  • Cloud security experience

 

Benefits:

  • People: work with talented, collaborative, and friendly people who love what they do.
  • In-Office Food: enjoy catered meals, boundless snacks, and the occasional food truck.
  • Fun: we host in-person and virtual events such as game nights, happy hours, camping trips, and sports leagues. 
  • Work/Life Harmony: flexible paid time off, remote work opportunities, and paid parental leave. 
  • Whole Health Package: medical, dental, vision, and disability insurance. Plus mental health support (via Talkspace) and fitness reimbursement up to $100 per month. 
  • Savings: our 401K matching plan helps you plan ahead.
  • Commuter Subsidy: $75 per month to be used toward commuter cards, monthly parking, rideshare pools, or metro/bus passes.
  • Location: work remotely from your home office.

 

More about us:

LiveRamp’s mission is to connect data in ways that matter, and doing so starts with our people. We know that inspired teams enlist people from a blend of backgrounds and experiences. And we know that individuals do their best when they not only bring their full selves to work but feel like they truly belong. Connecting LiveRampers to new ideas and one another is one of our guiding principles—one that informs how we hire, train, and grow our global team across eight countries and four continents.

LiveRamp is an affirmative action and equal opportunity employer (AA/EOE/W/M/Vet/Disabled) and does not discriminate in recruiting, hiring, training, promotion or other employment of associates or the awarding of subcontracts because of a person's race, color, sex, age, religion, national origin, protected veteran, disability, sexual orientation, gender identity, genetics or other protected status. Qualified applicants with arrest and conviction records will be considered for the position in accordance with the San Francisco Fair Chance Ordinance.  California residents: Please see our California Personnel Privacy Policy for more information regarding how we collect, use, and disclose the personal information you provide during the job application process.

To all recruitment agencies: LiveRamp does not accept agency resumes. Please do not forward resumes to our jobs alias, LiveRamp employees or any other company location. LiveRamp is not responsible for any fees related to unsolicited resumes.

Job tags: AWS CISSP Cross-functional Cyber Security DevOps Firewalls Java Linux MacOS Point of contact PowerShell Python Recruiting Research Ruby Security Training Windows